#VU7201 Privilege escalation in Windows Server and Windows - CVE-2017-8579
Published: June 26, 2017
Vulnerability identifier: #VU7201
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-8579
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Windows Server
Windows
Windows Server
Windows
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to improper handling of objects in memory by the DirectX. A local attacker can run a specially crafted application and execute arbitrary code with system privileges.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists due to improper handling of objects in memory by the DirectX. A local attacker can run a specially crafted application and execute arbitrary code with system privileges.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install update from vendor's website.